Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman AIS - 13th Edition TEST BANK KEY Short Answer Questions Chapter 109 Some business activities that not require traditional journal entries are: obtaining a line of credit, issuing purchase requisitions or purchase orders, signing contracts, hiring a new executive, and sending financial information to investors or bank loan personnel 110 Some reasons why XBRL formatted documents are useful include: they make financial data more searchable, comparable, informative, and therefore useful, it enables companies to use standard tags to identify specific accounting values, the language itself imposes a greater degree of standardization in the informational content of the reports, and XBRL also helps government agencies gather financial data that are more consistent, easier to understand, self-checking, and more quickly communicated Chapter 136 HTML stands for “hypertext markup language.” HTML is the editing language used to display text, graphics, hyperlinks and similar information in web pages HTML is nearly universal in that it works no matter which browser you use The language mostly uses pairs of tags such as and to perform such tasks as bolding text 137 Electronic payments (E-payments) are payments that customers make to sellers electronically They are similar to credit card payments except that they use third parties One advantage of using such a system is that buyers need only provide their credit card numbers or otherwise establish accounts once with the e-payment firm, instead of repetitively with each vendor with whom they business Another major justification for using E-payments is security Credit-card information is at risk when it is transmitted over data communications lines or stored in computer files of many vendors 138 Data encryption refers to transforming plaintext data into scrambled, cyphertext messages that cannot be understood if it is intercepted during data transmission Secret key encryption relies upon a shared algorithm that must be kept secret to be secure Public key encryption uses two keys, a “private key” and a “public key,” both of which must be known before a message can be decoded This enables users to share a public key, but retain the secrecy of a private key Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman Chapter 88 Hacking means gaining illegal or unauthorized access to computers, computer networks, or computer files 89 A computer virus is a program or subroutine that can replicate itself in other programs or computer systems 90 The idea that preventing cybercrime requires good policies and good education is based on the fact that computer security requires commitment by top management to a set of security policies that are understood and followed by employees Employees must be educated such that they are aware of the policies, understand how to follow them, and are also able to recognize cybercrimes when they see them Management must be committed to these policies such that employees understand their importance and recognize the value in helping to enforce the policies Chapter 140 The components that make up an AIS system include: hardware, software, people, data and procedures A system is best viewed as a set of interacting components that must all work together to accomplish data gathering, storage, processing, and output tasks 141 Processor speeds are rarely important to accounting systems because the speed of the processor drastically exceeds the speeds for input and output operations Most computers are I/O bound, meaning that their CPUs mostly wait for data to be input or output 142 In centralized computing systems, the mainframe/host computer or minicomputer/host performs most, if not all, of the processing and database tasks In client/computing, processing may be performed by the server computer or the client (typically, a microcomputer), and database information is usually copied onto several file servers Chapter 102 Data flow diagrams use a square symbol to show the source or destination of data A circle symbol indicates a process An open rectangle symbol indicates a store of data Finally, arrows depict a data flow or data stream 103 Decision tables outline the set of conditions that a given processing task might encounter and indicate the appropriate action to take for each condition Decision tables therefore help system designers plan data processing functions and create written documentation of Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman the processing logic for later reference The major advantage of decision tables is that they can summarize a potentially large number of conditions and actions in a compact format Decision tables are also useful as planning tools to system analysts, programmers, and related individuals who plan and/or create new AISs Finally, the accountants who audit AISs rely heavily upon internal documentation, and decision tables can help them verify the processing logic and control procedures built into these AISs 104 Process maps document business processes in easy-to-follow diagrams Accountants and managers can use this tool to help them describe current processes to others Auditors can use process maps to help them learn how a department or division operates, document what they have learned, and identify internal control weaknesses or problems in existing operations An additional use of process maps is for training—for example, to explain how complicated tax decisions are made Finally, consultants frequently use process maps to help them study business processes and redesign them for greater productivity 105 End user documentation refers to the (often non-existent) user manuals, reference aides, and similar materials that document the databases, spreadsheets, and other systems created by non-IT personnel If end users create the systems, then these developers should also create the documentation for their models End-user documentation is important because such materials explain how systems work, identifies important inputs and outputs, provides valuable insights into embedded controls, and helps others fix or otherwise modify systems when the primary developers are no longer there Chapter 160 The steering committee serves as an oversight committee that monitors the consultant’s progress and critically reviews its systems analysis reports These reports enable the committee to consider the consultant’s findings and evaluate the solutions recommended by its team members for solving current system problems 161 Several conditions when prototyping a system that should be used include: system users not understand their information needs very well, system requirements are difficult to define and experimentation is easier with a live model, the system to be developed is critical and needed quickly, past interactions have resulted in misunderstandings between users and designers, design mistakes are costly, and the risks associated with developing and implementing the wrong system are high 162 PERT charts allow project leaders to achieve the following: (1) outline the full set of activities that must be completed in a project, (2) identify precedence relationships, (3) Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman estimate the completion time of an entire project, (4) identify activities on and off critical paths, and (5) examine “what-if” scenarios when project leaders contemplate reallocating project resources from some activities to others Chapter 113 Primary record keys (also called primary keys) are unique and are used to distinguish one record from another Secondary record keys are rarely unique, i.e., zip codes or last names Foreign record keys are used in databases to link the records in one database table to records in other tables 114 An REA model in an AIS database stores information about these file entities—for example: information about inventories (resources), cash sales (events), and customers (agents) Two examples of such information mentioned in the text are “sales orders” and “hiring decisions.” Similar information includes data about customer demographics, interest rates, or competitor activities Traditional accounting systems store data that directly affect the financial statements of a company For instance: sales, inventory, or accounts payable 115 When a database is not normalized, use of the database can result in anomalies Two types of anomalies are update and delete anomalies An update anomaly occurs when a database user attempts to change information in the database, but data does not update completely or accurately For example, if the owner changed the description of an item in the non-normalized database, the description would be changed for one instance of an inventory item But every inventory item and its description would be repeated for every sale of that item As a result, changing the description for one record in the database will not change the description for every other instance of the same item, and the update of the inventory description will not be complete A delete anomaly occurs when one item is deleted from the database, but other information is unintentionally lost In this example, a store clerk might delete an inventory item because the store no longer intends to sell this item However, deletion of the item could also cause the store to lose information about customers if these customers had only purchased the item that is being deleted Because the customer information is stored with each sale (instead of being stored in its own, normalized table), deletion of items can result in the permanent loss of information about the customers who purchased those items Chapter 102 A database is a collection of tables with individual fields that identify each item (e.g., customer number, customer name, credit limit, etc.) and then relates the tables in order to query and write reports A DBMS is a set of software programs that interfaces between the database and users or user programs Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman 103 The schema of a database is an overall plan for storing information in the tables of a database (e.g., the data it contains and the relationships among them) In contrast, a subschema is a subset of this data (often, a particular user’s view) Subschemas focus on the informational needs of specific users, and limit access to sensitive data Thus, the subschema is on a need to know basis 104 There are many ways that data mining could change the accounting profession Some examples from the text include the ability of auditors to conduct new tests that look for fraud, identification of firms that could go bankrupt by examining the text of MD&A disclosures, discovery of credit card fraud by looking for anomalies in credit card use, and discovering fraudsters by analyzing corporate emails Data mining is already used extensively in marketing, and there is a growing interest, particularly in the audit area, in using data mining to find patterns in data that could reveal errors and fraud Chapter 63 Subforms are handy for showing subordinate information and they also allow users to enter data at the time the form and subform display—a handy feature if the user wishes to create new records in the subform 64 Reasons for designing the layout for a report prior to creating the report include the usefulness of (1) identifying what information to include, or to omit, from a potentially large set of items, (2) deciding how to best make use of the limited “real estate” of an output page, and (3) grouping data in useful ways to best compute subtotals or other statistical outputs This is a good opportunity to remind students that the purpose of most AISs is to provide meaningful, decision-oriented information to users—not simply to create “pretty” reports 65 A report based on a table simply displays the data (or calculated values) from a single underlying table A report based on a query can be based on multiple tables, can also include calculated fields, and of course, will display the information for only those records satisfying the query itself For example, a report based on query might limit the output to those students who live in dorms 66 Controls on forms (such as drop down lists) are often designed to prevent data entry errors and to help users input data more accurately and efficiently These controls affect only the specific form being used For example, a drop down list of states controls only the data entry of states and only when the form with the control is used to enter this data Controls within database tables are more pervasive and provide control over the data that enters the tables regardless of which form is used and regardless of whether a form is used These controls often involve validation rules and data type settings Controls within the tables themselves provide for more wide-ranging protection of the integrity of the data in the database Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman Chapter 10 63 Chapter discussed a number of purposes Among the uses of accounting codes are the following: to uniquely identify accounting data (more than one person or product may have the same name), to compress data (written descriptions are generally much longer than a code), to classify data (codes facilitate classification either manually or electronically), and to convey special meanings (codes can be used to indicate such things as credit ratings, credit limits, prices, or passwords) 64 Data flow diagrams are logical descriptions of a system whereas systems flowcharts capture a physical view of the system The data flow diagram would show processes, similarly to a systems flowchart The systems flowchart, however, is likely to show whether the processes are performed by computer, manually, or by another device Flow lines in the data flow diagram would show input and output items These would either go to a data source or destination or a data store The flowchart would show inputs and outputs apart from flow lines They might be depicted in manual files, disk files, tape files, documents, etc Both flowcharts and data flow diagrams may be designed to show increasing levels of detail For instance, a context data flow diagram corresponds to a high level systems flowchart and each usually shows only one overall process for the revenue cycle 65 Offshoring means that companies have outsourced one or more business functions (processes) to companies that are not located in the US According to a recent META Group report (www.metagroup.com, Worldwide IT Benchmark Report, 2004), India continues to be the preferred offshore country with more than 500,000 knowledge workers Other countries compete with India for this offshore business – such as Russia, the Philippines, Ireland, Israel, and China Chapter 11 69 Two reasons students may give are that outside service bureaus may be less expensive for payroll processing and that an outside service may be advantageous in terms of confidentiality 70 Some "roots" of lean practices include: Consolidating production steps, having raw materials set up at hand to save time and increase productivity, moving equipment to make production flow smoother, and finishing a product in one space rather than walking to another room for finishing Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman 71 Students will come up with a variety of answers to this question Some vertical market industries include: insurance (different insurance needs and fraud), banking (check clearing, credit ratings, credit histories, and financial markets), construction (job costing and bidding capabilities), manufacturing (inventory control), retail (POS systems and analyzing sales), hospitality (monitoring costs, perishable inventory), and government organizations (fund accounting and governmental accounting standards Chapter 12 119 Accounting software is integrated when (1) it contains various modules such as general ledger, accounts receivable, and accounts payable, and (2) inputs and outputs to and from these modules to interact with one another seamlessly and without outside intervention Lacking integration, users must transfer data from one system to another manually—a time-consuming, error-prone process that seems antiquated today 120 All integrated accounting software packages are not alike They differ in many ways, including: (1) the number and types of modules included or available, (2) the sophistication and complexity of the basic general ledger application, (3) the type of company supported (e.g., niche company such as a car-rental agency versus a manufacturing facility), (4) price, (5) the number of simultaneous online users supported, (6) ability to interface with other, non-accounting software, (7) availability of online, cloud hosting, (8) scalability, and (9) various specialized capabilities (e.g., cloudprocessing capabilities, or the ability to work with different currencies) 121 The textbook mentions five major cloud services: (1) anytime, anywhere access to accounting information from a variety of Internet access devices, (2) automatic storage and backup of important accounting data, (3) multiuser access (perhaps from different remote locations), (4) automatic upgrades to newer versions of the software, and (5) the ability to print reports directly from host data sources 122 ERP systems offer flexibility and customization capabilities They may also allow for features such as "user-defined codes." These are extra fields that users can designate to meet the special needs of a particular business Another feature of high-end software is that it typically has more reporting capabilities 123 Sadly, no ERP system appears to be too big to fail, although most companies wish otherwise Figure 12-8 in the chapter provides four, multi-million dollar examples These illustrations point to the importance of advanced planning, careful implementation, and delicate change management when acquiring and installing such systems Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman 124 Some of the consequences of bad decisions when acquiring a new accounting information system are wasted financial investments and wasted time Also, when trying to “make it work,” employees are likely to become frustrated, discouraged, or adversarial, managers will not have the information they need, and outside parties such as suppliers and investors may be inconvenienced In the worst-case scenario, a company may have trouble managing its inventories, paying its bills, collecting on accounts receivable, managing cash flows, reporting net income, and meeting payroll deadlines Chapter 13 89 COSO stands for Committee of Sponsoring Organizations COBIT stands for Control Objectives for Information and Related Technology 90 Preventive control procedures are designed and implemented before an activity is performed to prevent some potential problem (e.g., the inaccurate handling of cash receipts) from occurring that relates to the activity Detective control procedures are designed and implemented to provide feedback to management regarding whether or not operational efficiency and adherence to prescribed managerial policies have been achieved In other words, preventive controls should be developed prior to operating activities taking place and detective controls should be developed to evaluate if operating efficiency and adherence to policies of management have occurred after operating activities have taken place Corrective control procedures come into play based on the findings from the detective control procedures That is, through detective controls, corrective control procedures should be developed to identify the cause of an organization’s problem, correct any difficulties or errors resulting from the problem, and modify the organization’s processing system so that future occurrences of the problem will hopefully be eliminated or at least minimized Examples of each type of control are as follows: Preventive: scenario planning, risk management, segregation of duties, controlling access to assets Detective: duplicate check of calculations, bank reconciliations, monthly trial balances Corrective: backup copies of transactions and master files, training personnel to perform their jobs Chapter 14 Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman 118 Business continuity planning (BCP) is also called contingency planning and disaster planning A business continuity plan is necessary because a variety of unforeseen disasters might occur that would cause a data processing center to not be operational Examples of these disasters include natural events such as fires, floods, hurricanes, earthquakes, and manmade catastrophes such as terrorist attacks 119 The concept of convergence of physical and logical security means that an organization has integrated these two forms of security Thus, incidents that might individually go unnoticed not go undetected when they are combined Restrictions on physical access protect the physical assets of the computer system and the data processing center Restrictions on logical access safeguard computer time and maintain the privacy of the data files available to remote users The combination of these two forms of security can make an organization less vulnerable to embezzlement or fraud 120 The separation of duties control is intended to deter an individual from committing an intentional accounting error and concealing this error in the normal course of his or her duties To the extent that computerized accounting systems will handle functions that would be performed by more than one person under a manual system, the computerized version of the accounting information system cannot entirely adhere to this policy of separate responsibilities for related accounting processing functions A computerized accounting information system will tend to combine certain traditionally separated accounting tasks in its data processing, but use alternate means for the application of the separation of duties control Chapter 15 85 Section 404 of the Sarbanes Oxley (SOX) Act will likely add more cost to an audit Section 404 requires management in public companies to establish and maintain an adequate internal control system and appropriate procedures for financial reporting The annual report must include an assessment of this system and the procedures Finally, the external auditor must attest to and report on management’s statements and assertions 86 Some techniques and skills that would be helpful to an interviewer would include: session planning, interview structuring, understanding the use of various question formats, options for controlling and documenting an interview, and, perhaps most important – how to listen 87 Continuous auditing is the real-time assurance of accounting disclosures There is increased demand for continuous auditing because many businesses now report some information in real time using the Internet and stakeholders want more timely information There are five main continuous auditing techniques (1) Embedded audit modules are application subroutines that capture data related to high-risk areas and save these data in logs for auditors to review (2) Exception reporting allows the system to Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman continually monitor itself by reporting exception transactions Exception transactions are transactions that fall outside predefined specifications and are rejected by the system, such as an unusually large payment to a vendor (3) Transaction tagging allows auditors to tag transactions with special identifiers such that the transactions can be traced through processing steps in the AIS and logged for review (4) The snapshot technique involves marking transactions with code that triggers a snapshot process Snapshot data are recorded in a special file and reviewed by the auditor to verify that all processing steps have been properly performed (5) Continuous and intermittent simulation (CIS) embeds an audit module in a database management system (DBMS) The CIS module examines all transactions that update the DBMS and can independently process the data and compare to results obtained by the DBMS Short Answer Key – Page 10 ... documentation of Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman the processing logic for later reference The major advantage of decision... is a set of software programs that interfaces between the database and users or user programs Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, ... more wide-ranging protection of the integrity of the data in the database Short Answer Key – Page Core Concepts of Accounting Information Systems, 13th Edition, by Simkin, Rose, and Norman Chapter